/terraform-openstack-security

OpenStack Security Terraform Module

OpenStack Security Group Terraform Module

Usage

Security group with pre-defined rules

module "sg" {
  source = "./modules/terraform-openstack-modules/terraform-openstack-security"

  name          = "staging-sg"
  ingress_cidr  = "10.20.30.0/24"
  ingress_rules = ["ssh-tcp"]
  tags          = ["staging"]
}

Security group with custom rules

module "sg" {
  source = "./modules/terraform-openstack-modules/terraform-openstack-security"

  name = "custom-sg"
  ingress_with_cidr_blocks = [
    {
      rule       = "postgresql-tcp"
      cidr_block = "0.0.0.0/0"
    },
    {
      rule       = "postgresql-tcp"
      cidr_block = "30.30.30.30/32"
    },
    {
      from_port   = 10
      to_port     = 20
      protocol    = 6
      description = "Service name"
      cidr_block  = "10.10.0.0/20"
    },
  ]
  tags = ["staging"]
}

Requirements

| Name | Version |
|------|---------|
| terraform | >= 0.14.0 |
| openstack | >= 1.35.0 |

Providers

| Name | Version |
|------|---------|
| openstack | >= 1.35.0 |

Modules

No modules.

Resources

| Name | Type |
|------|------|
| openstack_networking_secgroup_rule_v2.ingress_rules | resource |
| openstack_networking_secgroup_rule_v2.ingress_with_cidr_blocks | resource |
| openstack_networking_secgroup_v2.this | resource |

Inputs

| Name | Description | Type | Default | Required |
|------|-------------|------|---------|----------|
| create_sg | Whether to create security group | bool | true | no |
| description | Description of security group | string | "Security Group managed by Terraform" | no |
| ingress_cidr | IPv4 CIDR to use on all ingress rules | string | "0.0.0.0/0" | no |
| ingress_rules | List of ingress rules to create by name | list(string) | [] | no |
| ingress_with_cidr_blocks | List of ingress rules to create where 'cidr_blocks' is used | list(map(string)) | [] | no |
| name | Name of security group - not required if create_sg is false | string | null | no |
| security_group_id | ID of existing security group whose rules we will manage | string | null | no |
| tags | A list of tags to assign to security group | list(string) | [] | no |
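
Because ingress_cidr defaults to "0.0.0.0/0" and the custom-rules example above also opens postgresql-tcp to 0.0.0.0/0, it is worth checking a plan for world-open ingress before applying it. The script below is an added example, not part of this module: it scans `terraform show -json <planfile>` output for openstack_networking_secgroup_rule_v2 ingress rules whose source is a /0 prefix. The sample plan, port 5432 for "postgresql-tcp", and the function names are constructed for illustration.

```python
import ipaddress
import json

RULE_TYPE = "openstack_networking_secgroup_rule_v2"
ADDR = "module.sg." + RULE_TYPE + ".ingress_with_cidr_blocks[%d]"


def sample_rule(index, prefix, port_min, port_max, after_present=True):
    """Build one constructed resource_changes entry for a sample plan."""
    after = {"direction": "ingress", "ethertype": "IPv4", "protocol": "tcp",
             "port_range_min": port_min, "port_range_max": port_max,
             "remote_ip_prefix": prefix}
    return {"address": ADDR % index, "type": RULE_TYPE,
            "change": {"after": after if after_present else None}}


# Constructed sample in the shape of `terraform show -json <planfile>`;
# port 5432 for "postgresql-tcp" is an assumption, not taken from the module.
SAMPLE_PLAN = json.dumps({"resource_changes": [
    sample_rule(0, "0.0.0.0/0", 5432, 5432),
    sample_rule(1, "30.30.30.30/32", 5432, 5432),
    sample_rule(2, "10.10.0.0/20", 10, 20),
]})


def world_open_ingress(plan_json):
    """Return (address, protocol, port_min, port_max) for every planned
    ingress rule whose remote_ip_prefix covers all addresses (/0)."""
    findings = []
    for rc in json.loads(plan_json).get("resource_changes", []):
        after = (rc.get("change") or {}).get("after")
        if rc.get("type") != RULE_TYPE or not after:
            continue  # not a secgroup rule, or the rule is being destroyed
        prefix = after.get("remote_ip_prefix")
        if after.get("direction") != "ingress" or not prefix:
            continue  # egress, or prefix unset/unknown until apply
        if ipaddress.ip_network(prefix, strict=False).prefixlen == 0:
            findings.append((rc["address"], after.get("protocol"),
                             after.get("port_range_min"),
                             after.get("port_range_max")))
    return findings


if __name__ == "__main__":
    for finding in world_open_ingress(SAMPLE_PLAN):
        print("world-open ingress:", *finding)
```

Run against a real plan by passing the output of `terraform show -json <planfile>` to `world_open_ingress`; a non-empty result can fail a CI job.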

Outputs

| Name | Description |
|------|-------------|
| security_group_id | The ID of the security group |